a6bf83e07fac9fa32cfa44ee4125a305_JaffaCakes118

General

Target

a6bf83e07fac9fa32cfa44ee4125a305_JaffaCakes118
Size

1.2MB
MD5

a6bf83e07fac9fa32cfa44ee4125a305
SHA1

c00e267c68f18c4d776590a68ca8013eb5cd32b0
SHA256

ad5bdeaf48414ad2a034da0075fe38ec43c9776e20ef6d856acc10f80292867d
SHA512

2b2069969d065958e374c873fcd00e1e145f20238b03c2af97921621e32755b8fa93df5afa5d501ce337d7be0be896c75d8253610b75052052e3600772095df5
SSDEEP

768:eXYGgTTFUkyX9TTPTTvTTvTTPTTvTTDZJK+sbiOgh0:vJLyX9TTPTTvTTvTTPTTvTTDDr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6bf83e07fac9fa32cfa44ee4125a305_JaffaCakes118

Files

a6bf83e07fac9fa32cfa44ee4125a305_JaffaCakes118
.exe windows:1 windows x86 arch:x86

99ef1c5b38469bd67f019d5513ddf381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetModuleHandleA
ExitProcess
FindResourceA
SizeofResource
LoadResource
CreateFileA
SetFilePointer
ReadFile
CloseHandle
HeapCreate
CreateThread
SetThreadPriority
WaitForSingleObject
HeapDestroy
Sleep
CreateToolhelp32Snapshot
Process32First
Process32Next
lstrcmpi
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
VirtualFreeEx
GetProcAddress
GetModuleFileNameA

user32

RegisterClassA
CreateWindowExA
DefWindowProcA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadIconA
GetClientRect
InvalidateRect
GetDC
ReleaseDC
PostQuitMessage
MessageBeep

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers

opengl32

glBegin
glClear
glClearColor
glColor3f
glDepthFunc
glEnable
glEnd
glHint
glLoadIdentity
glReadPixels
glRotatef
glShadeModel
glTranslatef
glVertex3f
glViewport
wglCreateContext
wglDeleteContext
wglMakeCurrent

winmm

waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
waveOutClose

Sections

.flat
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

99ef1c5b38469bd67f019d5513ddf381

Headers

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

winmm

Sections

.flat Size: 40KB - Virtual size: 40KB

.bss Size: - Virtual size: 72KB

.flat
Size: 40KB - Virtual size: 40KB

.bss
Size: - Virtual size: 72KB